ICT Security Architect
Senedd is looking to fill a strategic leadership role that requires deep technical expertise in operational cyber security management and a clear understanding of how to apply it across a complex, multi-site organisation.
As the ICT Security Architect, you will provide expert advice to Senedd Members and Commission Staff, shape the Senedd ICT strategy and ensure robust compliance and governance across the organisation.
Key Tasks
* Security Architecture Design: Develop and maintain the organisation’s ICT security architecture, ensuring alignment with business objectives, regulatory requirements, and industry best practices.
* Threat and Vulnerability Management: Define and implement architectural standards for threat detection and vulnerability management, including automated scanning, penetration testing and threat modelling.
* Secure System Assurance: Lead the technical assurance of new systems and services, embedding secure‑by‑design principles and conducting cyber risk assessments to ensure resilience and compliance.
* Incident Response Architecture: Architect and validate incident response capabilities, integrating them with monitoring and alerting systems to enable rapid and effective response to security incidents.
* Technical Advisory and Communication: Provide expert guidance to Senedd Members, Senior Officials and technical teams on security architecture, translating complex concepts into clear actionable advice for both technical and non‑technical audiences.
* Collaboration and Governance: Work closely with the Governance and Assurance Service to embed security architecture into risk management processes and drive continuous improvement in technical assurance.
* Security Awareness and Training: Promote architectural security awareness across the organisation through policy development, technical training and the integration of secure design principles into operational practices.
* Standards and Compliance: Establish and maintain security architecture standards aligned with frameworks such as ISO 27001, NIST and Cyber Essentials Plus, ensuring consistent application across ICT systems.
* Technical Problem Solving: Lead the resolution of complex security architecture challenges, providing expert input on secure system design, integration and remediation strategies.
* Line Management Responsibilities: The role includes direct line management of cyber security team members, fostering a collaborative and supportive environment. Responsibilities involve setting clear objectives, conducting regular one‑to‑ones, supporting professional development and ensuring the team operates in line with organisational values and performance standards. Additionally, the post holder will mentor staff, oversee workload allocation and provide guidance to ensure the effective delivery of security architecture functions across the organisation.
Seniority Level
Mid‑Senior level
Employment Type
Full‑time
Job Function
Information Technology
Industries
Political Organizations